The project is structured as a Flutter UI app plus modular Dart packages. Sensitive data is encrypted end‑to‑end using AES‑256 (GCM), and persisted as encrypted blobs. Sync providers and backup engines are pluggable.
- UI Module (
apps/flutter_app)- Cross‑platform UI in Flutter (Material 3)
- Crypto Module (
packages/crypto)- AES‑256‑GCM encryption/decryption
- Key derivation (PBKDF2/Argon2 planned)
- Storage Module (
packages/storage)- Local encrypted store (file based)
- Interfaces for alternative stores
- Sync Module (
packages/sync)- Provider interface for cloud/NAS sync
- Conflict resolution strategy (planned)
- Auth Module (
packages/auth)- TOTP 2FA generation and verification
- Backup Module (
packages/backup)- Scheduled encrypted backups
- Rotation & retention policy (planned)
- Core (
packages/core)- Domain entities, repositories, and orchestration
- User inputs data in UI
- Core validates and sends to Crypto for encryption
- Storage persists encrypted payload
- Sync provider (if enabled) uploads encrypted payload
- Backup service schedules periodic snapshots
All module interfaces are designed to allow new providers (e.g., S3, WebDAV, NAS SMB) without changing core logic.